/*
 *
 * Copyright 2017 Asylo authors
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 */

#ifndef ASYLO_PLATFORM_CRYPTO_NONCE_GENERATOR_H_
#define ASYLO_PLATFORM_CRYPTO_NONCE_GENERATOR_H_

#include <string>

#include "asylo/identity/util/bytes.h"
#include "asylo/util/status.h"

namespace asylo {

template <size_t Size>
class NonceGenerator {
 public:
  NonceGenerator() = default;
  virtual ~NonceGenerator() = default;

  // Writes next nonce to the |nonce| parameter. The nonce generator may
  // optionally use the |key_id| parameter to select a key_id-specific nonce.
  // There is however no guarantee that the nonce-generator implementation will
  // handle the key_id input as a sensitive secret. Consequently, users of the
  // nonce-generator interface must never pass sensitive keys directly as key
  // identifiers. Instead, a key_id must be generated from key using a one-way
  // hash function.
  virtual Status NextNonce(const std::vector<uint8_t> &key_id,
                           UnsafeBytes<Size> *nonce) = 0;

  // Indicates whether nonce generator utilizes the key_id input of the
  // NextNonce() method to maintain key-id-specific nonce state.
  virtual bool uses_key_id() { return false; }

  // Returns the size of the nonce generated by this nonce generator.
  static constexpr size_t nonce_size() { return Size; }
};

}  // namespace asylo

#endif  // ASYLO_PLATFORM_CRYPTO_NONCE_GENERATOR_H_
